GnuTLS/NSS interop in Exim 4.80 RC
nmav at gnutls.org
Tue May 22 10:28:44 CEST 2012
On Tue, May 22, 2012 at 10:24 AM, Phil Pennock
<help-gnutls-phil at spodhuis.org> wrote:
>> I don't really understand what you mean here. Is there an issue in
>> gnutls we can somehow improve?
> When we were tracking down the NSS interop issue, we were both led a
> little astray by one error return.
> <gnutls/gnutls.h> says:
> #define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9 /* GNUTLS_A_RECORD_OVERFLOW */
> The error message was "A TLS packet with unexpected length was
> The problem is that *no* TLS packet was received. Instead, there was an
> EOF condition. (Okay, sure there's a TCP RST involved, but that's not
> I spent a bit of time looking for the extra packet, and not seeing it in
> ssltap/etc this is what led me to initially wonder if there was stale
> data being left behind from a previous packet to GnuTLS.
> If it can be accomplished without real interoperability issues, a
> separate error code for EOF would really help with diagnosis.
We have separate error codes for these conditions in gnutls 3.0.x.
More information about the Gnutls-help